Mandriva Linux Security Advisory 2012-138 - Helmut Grohne and Michael Biebl discovered that ACPI scripts were executed with a permissive file mode creation mask. A local attacker could read files and modify directories created by ACPI scripts that did not set a strict umask. The updated packages have been patched to correct this issue.
777c252149381fb8d0325b5933f33cc0
Mandriva Linux Security Advisory 2012-137 - Oliver-Tobias Ripka discovered that an ACPI script incorrectly handled power button events. A local attacker could use this to execute arbitrary code, and possibly escalate privileges. Helmut Grohne and Michael Biebl discovered that ACPI scripts were executed with a permissive file mode creation mask. A local attacker could read files and modify directories created by ACPI scripts that did not set a strict umask. The updated packages have been patched to correct these issues.
8bc011636a8c83436319e265b2287d5f
Debian Linux Security Advisory 2362-1 - Multiple vulnerabilities were found in the acpid, the Advanced Configuration and Power Interface event daemon.
44896c5053b2e34b85763dac848c4443
Ubuntu Security Notice 1296-1 - Oliver-Tobias Ripka discovered that an ACPI script incorrectly handled power button events. A local attacker could use this to execute arbitrary code, and possibly escalate privileges. Helmut Grohne and Michael Biebl discovered that ACPI scripts were executed with a permissive file mode creation mask (umask). A local attacker could read files and modify directories created by ACPI scripts that did not set a strict umask. Various other issues were also addressed.
9ba984edb30803a1c19c4bed3fbbcac7